MFA = More Security for Your Accounts

As we stated in an earlier task, multi-factor authentication (“MFA” for short but it’s sometimes called “Two-factor authentication” or “2FA”) is a methodology that requires more than just your username and password for logging in to an online account. In short, it’s an extra layer of security. This extra layer of security makes it much harder for unauthorized access to your accounts.

How it Works

MFA can take many different forms. Most commonly it takes the form of numeric code that changes every thirty seconds to one minute. This code is usually obtained via a text message, an app on your phone, or a physical device with numbers on a small screen.

When available, multi-factor authentication is one of the simplest and most secure ways to protect your online accounts.

Once you have the code, the site you’re logging into will either ask for this code directly (most common) or sometimes that code will be appended onto a base password you’ve already entered.

Take Note

As great as MFA is, and as much as we recommend it, there are two things to be aware of.

1. 1. Not Always Offered: Unfortunately, you can’t control which of your online accounts use multi-factor authentication. In fact, many banks don’t have MFA. However, some banks will require an MFA code – usually via a text message – when an attempted login takes place from a device they don’t recognize. 
      
      You’ll need to look at your settings (usually under profile, or security, or something similar) and see if MFA IS something your account offers. If it’s available, we strongly recommend you enable it.
   2. Syncing Financial Institution Data: The technologies used by companies to sync user’s financial account data (including the provider used by MoneySwell) don’t handle all types of MFA well. This means that when you try to sync account data for institutions that use certain types of MFA, you may get a connection error. If you run into this with any accounts using MFA on your MoneySwell Assets & Liabilities dashboard, you have two choices.
      
      Firstly, you can disable MFA on your financial institution’s account. This will make syncing your accounts seamless. However, it will also make your account – at your financial institution only – less secure than it otherwise would be with MFA in place.
      
      Secondly, you can change your accounts that have trouble syncing from “Linked” accounts to “Manual” accounts. When you update your manual accounts (typically once or twice a month for most users), you’ll simply need to login to your institution’s site separately, note the account values, and update them in your MoneySwell dashboard.

Conclusion & Actions

• Check for MFA Options with Financial Accounts: Go to each of your financial accounts and see if they have an MFA option. Search for “multi-factor authentication” or “two-factor” authentication in your settings. Enable it according to their instructions.
• Download an Authenticator App: If MFA is available, confirm which apps your institutions work with and follow the instructions. Common authentication apps are Google Authenticator, LastPass Authenticator, Duo Mobile and more. This is a solid review article from PCMag of available authentication apps.
• *Optional* – Change “Linked” Accounts to “Manual” in MoneySwell: If you find you are unable to sync your “Linked” accounts on MoneySwell, consider changing it to a “Manual” account on the MoneySwell Assets & Liabilities dashboard. Then, a few times a month you can update the values manually without any trouble.